package cn.tedu.knows.sys.security;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    //当前项目暂时不需要Spring Security安全管理
    //我们设置任何请求全部都放行
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable() //防跨域攻击
            .authorizeRequests()
            .anyRequest().permitAll();
    }
}
